Manuals / SMC Networks / Computer Equipment / Switch

SMC Networks SMC6824M manual Replacing the Default Secure-site Certificate, Https Settings

Models: SMC6824M

1 608

Download 608 pages 58 Kb

Page 133

Image 133

USER AUTHENTICATION

Web – Click Security, HTTPS Settings. Enable HTTPS and specify the port number, then click Apply.

Figure 3-33 HTTPS Settings

CLI – This example enables the HTTP secure server and modifies the port number.

Console(config)#ip http secure-server	4-41
Console(config)#ip http secure-port 441	4-42
Console(config)#

Replacing the Default Secure-site Certificate

When you log onto the web interface using HTTPS (for secure access), a Secure Sockets Layer (SSL) certificate appears for the switch. By default, the certificate that Netscape and Internet Explorer display will be associated with a warning that the site is not recognized as a secure site. This is because the certificate has not been signed by an approved certification authority. If you want this warning to be replaced by a message confirming that the connection to the switch is secure, you must obtain a unique certificate and a private key and password from a recognized certification authority.

Note: For maximum security, we recommend you obtain a unique Secure Sockets Layer certificate at the earliest opportunity. This is because the default certificate for the switch is not unique to the hardware you have purchased.

3-77

Page 133

Image 133

SMC Networks SMC6824M manual Replacing the Default Secure-site Certificate, Https Settings

Contents

TigerStack III 10/100 Page TigerStack III 10/100 Management Guide Trademarks Limited Warranty Limited Warranty Table of Contents Table of Contents Table of Contents Table of Contents Vii Command Line InterfaceViii Table of Contents Table of Contents Table of Contents Xii Xiii Xiv Table of Contents Xvi Xvii Glossary IndexXviii Xix TablesTables Xxi Xxii Xxiii Figures37 802.1X Global Information XxivXxv Xxvi Key Features Key FeaturesFeature Description Lacp Description of Software FeaturesDescription of Software Features Introduction Description of Software Features Introduction System Defaults System DefaultsFunction Parameter Default Https Pvid Dhcp Configuration Options Connecting to the SwitchInitial Configuration Required Connections Remote Connections Stack Operations Recovering from Stack Failure or Topology ChangeSelecting the Stack Master Resilient IP Interface for Management Access Basic ConfigurationConsole Connection Setting an IP Address Setting PasswordsManual Configuration Dynamic Configuration Enabling Snmp Management Access Community Strings for Snmp version 1 and 2c clients Clients, we recommend that you delete both of the defaultTrap Receivers Configuring Access for Snmp Version 3 ClientsSaving Configuration Settings Managing System Files Configuring Power over Ethernet Initial Configuration Using the Web Interface Configuring the SwitchConfiguring the Switch Home Navigating the Web Browser InterfaceButton Web Page Configuration ButtonsAction Panel Display Front Panel IndicatorsMain Menu Switch Main MenuMenu Description Sntp ACL Vlan Mstp 206 Vlan ID Field Attributes Displaying System InformationSystem Information CLI Specify the hostname, location and contact information Displaying Switch Hardware/Software VersionsManagement Software General Switch Information Web Click System, Switch InformationField Attributes Displaying Bridge Extension CapabilitiesCLI Enter the following command Setting the IP AddressWeb Click System, Bridge Extension Command Attributes IP Interface Configuration Manual Manual ConfigurationIP Interface Configuration Dhcp Using DHCP/BOOTPManaging Firmware Command AttributesCopy Firmware Downloading System Software from a ServerSetting the Startup Code Command Usage Saving or Restoring Configuration SettingsBasic Configuration 11 Downloading Configuration Settings for Start-Up Downloading Configuration Settings from a Server12 Setting the Startup Configuration Settings Command Attributes Console Port SettingsCLI only 13 Console Port Settings Command Attributes Telnet Settings14 Configuring the Telnet Interface System Log Configuration Configuring Event LoggingLogging Levels Command Attributes15 System Logs Remote Log Configuration16 Remote Logs 17 Displaying Logs Displaying Log MessagesCLI This example shows the event message stored in RAM Sending Simple Mail Transfer Protocol Alerts18 Enabling and Configuring Smtp Alerts 19 Resetting the Switch Resetting the SystemConfiguring Sntp Setting the System ClockCLI Use the reload command to reboot the system 20 Sntp Configuration Setting the Time ZoneSimple Network Management Protocol 21 Setting the Time ZoneConfiguring the Switch Model Level Group Read Write Notify Security View SNMPv3 Security Models and LevelsCLI The following example enables Snmp on the switch Setting Community Access StringsEnabling the Snmp Agent 23 Configuring Snmp Community Strings Specifying Trap Managers and Trap Types Command UsageCommand Attributes 24 Configuring Snmp Trap Managers Setting the Local Engine ID Configuring SNMPv3 Management AccessCLI This example sets an SNMPv3 engine ID Specifying a Remote Engine IDCLI This example specifies a remote SNMPv3 engine ID Configuring SNMPv3 UsersConfiguring the Switch 27 Configuring SNMPv3 Users 169 Configuring Remote SNMPv3 UsersCommand Attributes 28 Configuring Remote SNMPv3 Users Configuring SNMPv3 Groups Object Label Object ID Description Supported Notification MessagesObject Label Object ID Description Rmon Events SwIpFilterRejectTrap 29 Configuring SNMPv3 Groups 165 Setting SNMPv3 Views30 Configuring SNMPv3 Views 163 User AuthenticationCommand Attributes Configuring User Accounts31 Configuring User Accounts That use software running Configuring Local/Remote Logon AuthenticationOn a central server to Radius Settings Command Attributes32 Authentication Server Settings Tacacs Settings104 Configuring HttpsWeb Browser Operating System Https Support33 Https Settings Replacing the Default Secure-site CertificateConfiguring the Secure Shell Command Usage Configuring the Switch Field Attributes Generating the Host Key Pair34 SSH Host-Key Settings SSH server includes basic settings for authentication Configuring the SSH Server35 SSH Server Settings Command Usage Configuring Port SecurityCommand Attributes 36 Enabling Port Security Configuring 802.1X Port Authentication 802.1X protocol provides client authentication Displaying 802.1X Global Settings802.1X System Authentication Control The global setting for Web Click Security, 802.1X, InformationCLI This example shows the default global setting for Configuring 802.1X Global SettingsCLI This example enables 802.1X globally for the switch Configuring Port Settings for Authorized 39 802.1X Port ConfigurationUser Authentication 802.1X Statistics Displaying 802.1X StatisticsParameter Description CLI This example displays the 802.1X statistics for port 40 Displaying 802.1X StatisticsCommand Usage Filtering IP Addresses for Management Access41 Entering IP Addresses to be Filtered Configuring Access Control Lists Access Control ListsCommand Attributes Setting the ACL Name and Type100 Configuring a Standard IP ACL Command AttributesCLI This example creates a standard IP ACL named bill 101 Configuring an Extended IP ACL Command Attributes102 103 44 Configuring Extended IP ACLs104 Configuring a MAC ACL Command Attributes105 Command Usage106 45 Configuring MAC ACLs107 Configuring ACL MasksSpecifying the Mask Type 108 Configuring an IP ACL MaskThis mask defines the fields to check in the IP header 109 47 Configuring an IP based ACL110 Configuring a MAC ACL MaskThis mask defines the fields to check in the packet header 111 48 Configuring an ACL MAC Mask112 Binding a Port to an Access Control List49 Mapping ACLs to Port Ingress/Egress Queues 113Command Attributes Web Port ConfigurationDisplaying Connection Status 114Field Attributes CLI 115Web Click Port, Port Information or Trunk Information Current status 116117 Configuring Interface ConnectionsCLI This example shows the connection status for Port 118 119 51 Configuring Port Attributes120 Creating Trunk Groups121 Statically Configuring a Trunk Command Usage122 52 Static Trunk Configuration123 Enabling Lacp on Selected Ports Command Usage124 53 Lacp Port Configuration125 126 127 54 Lacp Aggregation Port Configuration128 Displaying Lacp Port Counters 129You can display statistics for Lacp protocol messages Lacp Port CountersLacp Internal Configuration Information Displaying Lacp Settings and Status for the Local Side130 131 56 Displaying Lacp Port Information 13210 Lacp Neighbor Configuration Information Displaying Lacp Settings and Status for the Remote Side133 57 Displaying Remote Lacp Port Information 134135 Setting Broadcast Storm Thresholds136 Configuring Port Mirroring137 59 Configuring a Mirror PortCommand Attribute Configuring Rate Limits138 139 Showing Port Statistics11 Port Statistics 140141 Rmon Statistics 142143 61 Port Statistics 144145 Power Over Ethernet SettingsCLI This example shows statistics for port Displays the Power over Ethernet parameters for the switch Switch Power Status146 Web Click PoE, Power Status Setting a Switch Power Budget147 148 Displaying Port Power StatusWeb Click PoE, Power Port Status Configuring Port PoE Power149 150 65 Configuring Port PoE PowerSetting Static Addresses Address Table Settings151 152 Displaying the Address Table67 Displaying the MAC Dynamic Address Table 153Changing the Aging Time Spanning Tree Algorithm Configuration154 CLI This example sets the aging time to 300 seconds155 156 Displaying Global Settings157 158 Web Click Spanning Tree, STA Information 159Global settings apply to the entire switch Configuring Global Settings160 161 Basic Configuration of Global Settings162 Root Device Configuration163 Configuration Settings for Rstp164 70 Configuring the Spanning Tree Algorithm165 Displaying Interface Settings166 AD B 16771 STA Port Information 168169 Configuring Interface Settings170 171 72 Configuring Spanning Tree Algorithm per Port172 Configuring Multiple Spanning TreesCLI This example sets STA attributes for port 173 73 Mstp Vlan Configuration174 175 Displaying Interface Settings for Mstp176 177 Configuring Interface Settings for MstpCLI This example sets the Mstp attributes for port 178Ieee 802.1Q VLANs Vlan Configuration179 Assigning Ports to VLANs 180181 Forwarding Tagged/Untagged Frames 182CLI This example enables Gvrp for the switch Enabling or Disabling Gvrp Global Setting183 Displaying Basic Vlan Information 184Web Click VLAN, 802.1Q VLAN, Basic Information Displaying Current VLANs 185186 Command Attributes CLICreating VLANs 79 Vlan Static List Creating VLANs 187Adding Static Members to VLANs Vlan Index 188CLI This example creates a new Vlan 189 Command AttributesAdding Static Members to VLANs Port Index 190191 Configuring Vlan Behavior for Interfaces192 193 194 Private VLANs195 Vlan ID ID of configured VlanDisplaying Current Private VLANs 83 Displaying Private Vlan Port Information 196197 Configuring Private VLANsAssociating Community VLANs 198Each community Vlan must be associated with a primary Vlan Displaying Private Vlan Interface Information 199200 Configuring Private Vlan Interfaces201 87 Configuring Private Vlan PortsLayer 2 Queue Settings Class of Service ConfigurationSetting the Default Priority for Interfaces 202203 CLI This example assigns a default priority of 5 to portMapping CoS Values to Egress Queues 20412 Mapping CoS Values to Egress Queues 13 CoS Priority Levels205 89 Configuring Traffic Classes206 Selecting the Queue Mode207 Setting the Service Weight for Traffic Classes208 Layer 3/4 Priority SettingsMapping Layer 3/4 Priorities to CoS Values Selecting IP Precedence/DSCP PriorityMapping IP Precedence 20914 Mapping IP Precedence 210 93 Mapping IP Precedence to Class of Service ValuesMapping Dscp Priority 21115 Mapping Dscp Priority IP Dscp Value CoS Value212 94 Mapping IP Dscp Priority to Class of Service ValuesMapping IP Port Priority 21395 Globally Enabling the IP Port Priority Status 214215 Copy Settings216 CLI This feature not supported through the CLIMapping CoS Values to ACLs 16 CoS to ACL Mapping98 Mapping CoS Values to ACLs 217Changing Priorities Based on ACL Rules 21899 Changing Priorities Based on ACL Rules 219Igmp Protocol Multicast Filtering220 221 Layer 2 Igmp Snooping and Query222 Configuring Igmp Snooping and Query Parameters223 100 Configuring Internet Group Management ProtocolDisplaying Interfaces Attached to a Multicast Router 224Specifying Interfaces Attached to a Multicast Router 225226 Displaying Port Members of Multicast Services227 103 Displaying Port Members of Multicast Services228 Assigning Ports to Multicast ServicesConfiguring General DNS Server Parameters Configuring Domain Name Service229 230 231 105 Configuring DNS232 Configuring Static DNS Host to Address Entries106 Mapping IP Addresses to a Host Name 233234 Displaying the DNS CacheWeb Select DNS, Cache 235236 Accessing the CLI Using the Command Line InterfaceConsole Connection Telnet Connection This section describes how to enter CLI commands Entering CommandsKeywords and Arguments Getting Help on Commands Command CompletionShowing Commands Minimum AbbreviationCommand Line Interface Using Command History Negating the Effect of CommandsUnderstanding Command Modes Partial Keyword LookupCommand Modes Exec CommandsClass Mode Configuration Commands Mode Command Prompt Configuration Command ModesKeystroke Commands Command Line ProcessingKeystroke Function Command Group Index Command GroupsCommand Group Description Configures DNS services 286 Line Commands Line CommandsCommand Function Mode Password-thresh commandLine Syntax Login local no login LoginLogin local Line ConfigurationUsername 4-34password PasswordSyntax Password 0 7 password no password No password is specifiedLogin 4-15password-thresh Timeout login responseCLI Disabled 0 seconds Telnet 300 seconds To set the timeout to two minutes, enter this commandSyntax Exec-timeout seconds no exec-timeout Exec-timeoutCLI and Telnet 600 seconds 10 minutes Syntax Password-thresh threshold no password-thresh Password-threshDefault value is three attempts Databits Silent-timeSyntax Silent-time seconds no silent-time Syntax Databits 7 8 no databitsSyntax Parity none even odd no parity ParityTo specify 57600 bps, enter this command To specify no parity, enter this commandSpeed Syntax Speed bps no speedDisconnect StopbitsStopbits 1 Syntax disconnect session-idSyntax Show line console vty Show lineEnable General CommandsGeneral Commands Syntax enable levelDisable Enable password DisableNone Show history ConfigureThis command resets the entire system This command restarts the systemReload This command returns to Privileged Exec mode This example shows how to reset the switchEnd ExitThis example shows how to quit a CLI session Use this command to exit the configuration programQuit System Management Commands System Management CommandsCommand Group Function Device Designation Commands Device Designation CommandsPrompt Syntax Prompt string no promptLight unit HostnameSyntax Hostname name no hostname Syntax Light unit unitUser Access Commands User Access CommandsUsername Username Access-level Password 10 Default Login SettingsDefault is level is level Default password is super Enable passwordEnable 4-25authentication enable IP Filter Commands11 IP Filter Commands ManagementShow management 12 Web Server Commands Web Server CommandsSyntax No ip http server Default Setting Default Setting Command ModeIp http port Ip http serverIp http secure-server Syntax No ip http secure-server Default Setting13 Https System Support Ip http secure-portIp http secure-port4-42 Copy tftp https-certificate Portnumber The UDP port used for HTTPS. Range14 Telnet Server Commands Telnet Server CommandsIp telnet server Ip http secure-server4-41Server Enabled Server Port Secure Shell CommandsCommand Function Mode 15 Secure Shell CommandsSystem Management Commands Disabled Syntax No ip ssh server Default SettingIp ssh server Syntax Ip ssh timeout seconds no ip ssh timeout Ip ssh timeoutIp ssh crypto host-key generate 4-51 show ssh SecondsExec-timeout4-18 show ip ssh Ip ssh authentication-retriesDelete public-key Ip ssh server-key sizeSyntax Delete public-key username dsa rsa Syntax Ip ssh crypto host-key generate dsa rsa Ip ssh crypto host-key generateDsa DSA Version 2 key type Rsa RSA Version 1 key type Generates both the DSA and RSA key pairsIp ssh save host-key Ip ssh crypto zeroizeSyntax Ip ssh crypto zeroize dsa rsa Syntax Ip ssh save host-key dsa rsaShow ip ssh This command displays the current SSH server connectionsShow ssh Saves both the DSA and RSA keyTerminology 16 show ssh display descriptionSyntax Show public-key user username host Show public-keyUsername Name of an SSH user. Range 1-8 characters Shows all public keys17 Event Logging Commands Event Logging CommandsLogging on Syntax No logging on Default SettingLogging history Logging history 4-57clear logging18 Logging Levels Flash errors level 3 RAM informational level 6Level Severity Name Description Logging facility Logging hostSyntax No logging host hostipaddress Hostipaddress The IP address of a syslog serverLogging trap Disabled Level 7Syntax Logging trap level no logging trap Show logging Clear logSyntax Clear log flash ram Syntax Show logging flash ram sendmail trap19 show logging flash/ram display description Following example displays settings for the trap function20 show logging trap display description Show logSyntax Show log flash ram 21 Smtp Commands Smtp Alert CommandsLogging sendmail host Following example shows the event message stored in RAMSyntax Logging sendmail level level Logging sendmail levelSyntax Logging sendmail source-email email-address Logging sendmail source-emailLogging sendmail destination-email Syntax No logging sendmail Default SettingLogging sendmail Syntax No logging sendmail destination-email email-address22 Time Commands Time CommandsShow logging sendmail Sntp client Syntax No sntp client Default SettingSntp server 4-70 sntp poll 4-71 show sntp Sntp serverSyntax Sntp server ip1 ip2 ip3 Sntp client 4-69 sntp poll 4-71 show sntp Sntp pollSyntax Sntp poll seconds no sntp poll Sntp client Show sntpNone Clock timezoneCalendar set This command displays the system clockShow calendar SyntaxShow startup-config System Status Commands23 System Status Commands Example Related Commands Show running-configShow startup-config Show system This command displays system informationShow version Show users24 Flash/File Commands Flash/File CommandsPrivileged Exec CopyCommand Usage Following example shows how to download a configuration file Command Line Interface Delete This command deletes a file or imageDir Delete public-key Syntax Dir unit boot-rom config opcode filename This command displays a list of files in flash memoryDir 25 File Directory InformationFollowing example shows how to display all file information WhichbootSyntax Boot system unit boot-romconfig opcode filename Boot systemDir 4-87whichboot 26 PoE Commands Power over Ethernet CommandsCommand Group Function Mode Power inline compatible Power mainpower maximum allocationSyntax Power mainpower maximum allocation watts unit unit Syntax No power inline compatibleCompatible Mode Enabled Power inline maximum allocation Power inlineSyntax No power inline Default Setting Low Power inline prioritySyntax Show power inline status interface Show power inline statusEthernet Unit Stack unit. Range Port Port number. Range27 show power inline status parameters Show power mainpower28 show power mainpower parameters Mainpower maximum allocation onAuthentication Sequence Authentication Commands29 Authentication Commands 30 Authentication Sequence CommandLocal Authentication loginUsername for setting the local user names and passwords Authentication enableRadius Client 31 Radius Client CommandsTimeout 5 seconds Default Setting Auth-portRetransmit Command Mode Radius-server hostRadius-server key Radius-server portSyntax Radius-server port portnumber no radius-server port 1812Radius-server retransmit Radius-server timeoutPrivileged Exec Show radius-serverTACACS+ Client 32 TACACS+ Client CommandsTacacs-server host Hostipaddress IP address of a TACACS+ serverTacacs-server key Tacacs-server portSyntax Tacacs-server port portnumber no tacacs-server port Syntax Tacacs-server key keystring no tacacs-server keyShow tacacs-server Port Security CommandsStatus Disabled Action None Maximum Addresses 33 Port Security CommandsInterface Configuration Ethernet Port security109 34 802.1X Port Authentication Commands 802.1X Port AuthenticationSyntax No dot1x system-auth-control Default Setting Dot1x defaultDot1x system-auth-control Dot1x max-reqDefault Default Command ModeDot1x port-control Force-authorizedSingle-host Dot1x operation-modeDot1x re-authentication Dot1x re-authenticateSyntax Dot1x re-authenticate interface Syntax No dot1x re-authentication Command ModeDot1x timeout re-authperiod Dot1x timeout quiet-periodSeconds The number of seconds. Range Show dot1x Dot1x timeout tx-periodSyntax Show dot1x statistics interface interface Statistics Displays dot1x status for each port Interface117 State- Current state including initialize, reauthenticate Authenticator State MachineAccess Control Lists Access Control List CommandsAccess Control List Commands 35 Access Control List Commands Masks for Access Control ListsCommand Groups Function IP ACLs 36 IP ACL CommandsSyntax No access-list ip standard extended aclname Access-list ipPermit, deny Standard ACL Access-list ip extended fragment-auto-maskStandard ACL Permit, deny Extended ACLExtended ACL No permit deny tcp127 This command displays the rules for configured IP ACLs Show ip access-listSyntax Show ip access-list standard extended aclname Permit, deny Ip access-group4-134Syntax No access-list ip mask-precedence in out Access-list ip mask-precedenceMask IP ACL 4-130 ip access-group4-134 IP Mask Syntax No mask protocol131 132 Syntax Show access-list ip mask-precedence in out Show access-list ip mask-precedenceSyntax No ip access-group aclname in out Ip access-groupMap access-list ip Show ip access-groupShow ip access-list4-128 This command shows the ports assigned to IP ACLsQueue cos-map4-257 Show map access-list ip Show map access-list ipSyntax Show map access-list ip interface 37 Egress Queue Priority MappingMap access-list ip Match access-list ip38 MAC ACL Commands Match access-list ipShow marking MAC ACLsSyntax No access-list mac aclname Access-list macSyntax No permit deny Permit, deny MAC ACLMAC ACL This command displays the rules for configured MAC ACLs Show mac access-listSyntax Show mac access-list aclname Permit, deny Mac access-group4-146Mask MAC ACL 4-144 mac access-group4-146 Access-list mac mask-precedenceMAC Mask Syntax No mask pktformatThis example creates an Egress MAC ACL 145Mac access-group Show access-list mac mask-precedenceSyntax Show access-list mac mask-precedence in out Syntax Mac access-group aclname in outMap access-list mac Show mac access-groupShow mac access-list4-142 This command shows the ports assigned to MAC ACLsQueue cos-map4-257 Show map access-list mac Show map access-list macSyntax Show map access-list mac interface 39 Mapping CoS Values to MAC ACL RulesMap access-list mac Match access-list macACL Information Show access-list40 ACL Information Show access-group Snmp CommandsThis command shows the port assignments of ACLs 41 Snmp CommandsSnmp-server Syntax No snmp-server Default SettingNone Show snmpSnmp-server contact Snmp-server communitySyntax Snmp-server contact string no snmp-server contact Syntax Snmp-server location text no snmp-server location Snmp-server locationSnmp-server host 156157 158 Issue authentication and link-up-down traps Snmp-server enable trapsSnmp-server host Snmp-server engine-idThis example shows the default engine ID This command shows the Snmp engine IDShow snmp engine-id Snmp-server view Defaultview includes access to the entire MIB tree42 show snmp engine-id display description Show snmp view This command shows information on the Snmp viewsExamples This view includes MIB-2Snmp-server group 164Show snmp group Command Usage44 show snmp group display description 166Snmp-server user Default Setting168 Show snmp user This command shows information on Snmp users45 show snmp user display description 46 Interface Commands Interface CommandsDescription InterfacePort-channel channel-idRange Syntax Description string no descriptionSpeed-duplex Interface Configuration Ethernet, Port ChannelFollowing example adds a description to port Negotiation Syntax No negotiation Default SettingNegotiation 4-173capabilities Capabilities Following example configures port 11 to use autonegotiationNegotiation 4-173speed-duplex Flow control enabled Syntax No flowcontrol Default SettingFlowcontrol Negotiation 4-173speed-duplex4-172 flowcontrolSyntax No shutdown Default Setting Following example enables flow control on portAll interfaces are enabled ShutdownFollowing example disables port Switchport broadcast packet-ratePort-channel channel-idRange Default Setting This command clears statistics on an interfaceClear counters Syntax Clear counters interfaceShow interfaces status This command displays the status for an interfaceSyntax Show interfaces status interface Shows the status for all interfacesShow interfaces counters This command displays interface statisticsSyntax Show interfaces counters interface Shows the counters for all interfaces181 Syntax Show interfaces switchport interface Show interfaces switchportThis example shows the configuration setting for port Shows all interfacesField Description 47 show interfaces switchport display description48 Mirror Port Commands Mirror Port CommandsInterface Configuration Ethernet, destination port Port monitorShow port monitor This command displays mirror informationSyntax Show port monitor interface Shows all sessionsFollowing shows mirroring configured from port 6 to port Rate Limit Commands49 Rate Limit Commands Rate-limit Interface Configuration Ethernet, Port Channel50 Link Aggregation Commands Link Aggregation CommandsGeneral Guidelines Guidelines for Creating TrunksChannel-group Syntax no lacp Default SettingLacp Syntax Channel-group channel-idno channel-group191 32768 Lacp system-priorityLacp admin-keyEthernet Interface Syntax Lacp admin-key key no lacp admin-key Lacp admin-key Port ChannelLacp port-priority Default SettingShow lacp This command displays Lacp informationPort Channel all 51 show lacp counters display description52 show lacp internal display description 197Partner 53 show lacp neighbors display description 19955 Address Table Commands Address Table Commands54 show lacp sysid display description Mac-address- MAC address Mac-address-table staticVlan-id- Vlan ID Range Show mac-address-table Clear mac-address-table dynamicMac-address- MAC address Mask Bits to match in the address Seconds Mac-address-table aging-time56 Spanning Tree Commands Spanning Tree CommandsShow mac-address-table aging-time RSTP/MSTP Spanning tree is enabled Syntax No spanning-tree Default SettingSpanning-tree Rstp Spanning-tree modeSpanning-tree forward-time 208Seconds Spanning-tree hello-timeSpanning-tree max-age 210Spanning-tree priority Spanning-tree default priorityIeee 802.1t format Long method Spanning-tree pathcost methodSpanning-tree transmission-limit This command limits the maximum transmission rate for BPDUsCount -The transmission limit in seconds. Range Spanning-tree mst-configuration Spanning-tree backup-rootSyntax No spanning-tree backup-root Default Setting Mst vlan MST ConfigurationMst instanceid priority priority no mst instanceid priority Mst priorityName Switch’s MAC addressSyntax name name Name Name of the spanning treeMax-hops RevisionSyntax revision number Number Revision number of the spanning tree. RangeSyntax No spanning-tree spanning-disabled Default Setting Spanning-tree spanning-disabledThis example disables the Spanning Tree Algorithm for port Syntax Spanning-tree cost cost no spanning-tree cost Spanning-tree costSpanning-tree edge-port Spanning-tree port-priorityPriority The priority for a port. Range 0-240, in steps Syntax No spanning-tree edge-portSpanning-tree portfast Syntax No spanning-tree portfast Default SettingSpanning-treeedge-port4-221 Spanning-tree link-typeAuto Spanning-tree mst costSpanning-tree mst port-priority4-225 Spanning-tree mst port-prioritySpanning-tree protocol-migration Port-channel channel-idRange Command ModeSyntax Spanning-tree protocol-migration interface Syntax Show spanning-tree interface mst instanceid Show spanning-tree228 229 Show spanning-tree mst configuration57 Vlan Commands Vlan CommandsEditing Vlan Groups Vlan databaseVlan By default only Vlan 1 exists and is activeVlan Database Configuration Configuring Vlan Interfaces59 Configuring Vlan Interfaces Syntax Interface vlan vlan-id Interface vlanShutdown Syntax Switchport mode trunk hybrid no switchport mode Switchport modeAll ports are in hybrid mode with the Pvid set to Vlan All frame types Switchport acceptable-frame-typesSyntax No switchport ingress-filtering Default Setting Switchport ingress-filtering237 Switchport native vlan238 Switchport allowed vlan239 Switchport forbidden vlanNo VLANs are included in the forbidden list Displaying Vlan Information 240Show vlan 60 Displaying Vlan Information61 Private Vlan Commands Following example shows how to display information for Vlan241 242 Private-vlan 243Private-vlan association 244No private-vlan primary-vlan-idassociation 245 Switchport mode private-vlanNormal Vlan Switchport private-vlan mapping Switchport private-vlan host-association246 Show vlan private-vlan 247Syntax Show vlan private-vlan community primary 62 Gvrp and Bridge Extension Commands Gvrp and Bridge Extension Commands248 249 Syntax No bridge-ext gvrp Default SettingBridge-ext gvrp Show bridge-extShow gvrp configuration Switchport gvrpSyntax No switchport gvrp Default Setting Syntax Show gvrp configuration interfaceShows both global and interface-specific configuration Garp timer251 Syntax Show garp timer interface Show garp timerShows all Garp timers 25263 Priority Commands Priority Commands253 Queue mode Priority Commands Layer64 Priority Commands Layer Syntax Queue mode strict wrr no queue modeQueue bandwidth 255256 Switchport priority defaultQueue cos-map 257258 65 Default CoS Priority LevelsThis command shows the current queue mode Show queue mode259 Show queue bandwidth66 Priority Commands Layer 3 Priority Commands Layer 3260 Show queue cos-map261 Syntax No map ip port Default Setting262 Syntax No map ip precedence Default Setting263 List below shows the default priority mapping67 Mapping IP Precedence to CoS Values 264 Syntax No map ip dscp Default Setting68 Mapping IP Dscp to CoS Values 265266 This command shows the IP port priority mapShow map ip port Syntax Show map ip port interface267 This command shows the IP precedence priority mapShow map ip precedence Syntax Show map ip precedence interface268 This command shows the IP Dscp priority mapShow map ip dscp Syntax Show map ip dscp interfaceIgmp Snooping Commands Multicast Filtering Commands69 Multicast Filtering Commands 70 Igmp Snooping CommandsFollowing example enables Igmp snooping Syntax No ip igmp snooping Default Setting270 Ip igmp snooping271 Following configures the switch to use Igmp VersionIp igmp snooping version Igmp VersionShow ip igmp snooping 272Show mac-address-table multicast 71 Igmp Query Commands Layer Igmp Query Commands Layer273 Ip igmp snooping querierIp igmp snooping query-count 274Times 275 Following shows how to configure the query count toIp igmp snooping query-interval 276 Seconds The report delay advertised in Igmp queries. RangeIp igmp snooping query-max-response-time 277 Switch must use IGMPv2 for this command to take effectIp igmp snooping router-port-expire-time 72 Static Multicast Routing Commands Static Multicast Routing Commands278 Ip igmp snooping vlan mrouter279 Displays multicast router ports for all configured VLANsShow ip igmp snooping mrouter Syntax Show ip igmp snooping mrouter vlan vlan-id73 IP Interface Command Syntax IP Interface Commands280 Ip address281 Interface Configuration VlanSyntax Ip default-gateway gateway no ip default-gateway Ip default-gateway282 Ip dhcp restartShow ip interface 283284 This command has no default for the hostShow ip redirects Ping285 74 DNS Commands DNS Commands286 Ip host 287No static entries This example maps two address to a host nameClear host 288Ip domain-name Syntax Clear host nameIp domain-list 289Syntax No ip domain-list name Ip name-server 290Ip domain-name4-288 291 Syntax No ip domain-lookup Default SettingIp domain-lookup Ip domain-name4-288 ip domain-lookup4-291Show hosts 292Ip domain-name4-288 ip name-server4-290 This command displays entries in the DNS cache This command displays the configuration of the DNS server293 Show dns294 This command clears all entries in the DNS cacheClear dns cache 75 Show DNS Output DescriptionAccess Control Lists AuthenticationDhcp Client Port Configuration PoEAdditional Features Class of ServicePort Trunking Spanning Tree ProtocolSNMPv3 StandardsManagement Information Bases Table B-1 Troubleshooting Chart Problems Accessing the Management InterfaceSymptom Action Cannot access Using System Logs Troubleshooting Glossary-1 Glossary-2 Glossary-3 Glossary-4 Glossary-5 Glossary-6 Glossary-7 Virtual LAN Vlan Glossary-8XModem Index-1 IndexIgmp Index-2Index-3 Index-4 Page For Technical SUPPORT, Call